Increasing protection against cyber attack in an unpredictable global environment

In the wake of the Russian invasion of Ukraine, the FCA and the SEC have called for firms to implement more stringent measures against cyber-attacks. Although cyber-attacks against Ukraine are currently at lower levels than expected, cyber-attacks have still increased by 196% against the government and military sectors in Ukraine which is a figure I see could continue to grow. It follows that, since Western support is key to Ukrainian resistance, Russian backed hackers are likely to attack sectors of the Western economy, not only to disable government responses but also as a source of income as the Russian war chest dwindles. This means we must be more vigilant than ever to keep our businesses safe from harm.

It seems prudent for firms to evaluate their vulnerability to cyber attack. There is a market for hiring so-called ‘white hat’, or ethical, hackers to tease out vulnerabilities in security systems,, and that market is naturally growing at pace right now. A key method of ethical hacking is penetration testing, where a simulated attack is launched on the security system using the techniques of real-world hackers. Generally, this covers both insider and outsider attacks. Several other tools are also used by ethical hackers, including threat intelligence (identifying further adversaries), providing disaster recovery plans, and even sending out malware-laden emails to see how employees will react to them.

Naturally, the sensitive data that financial firms hold makes them a target for ransomware attacks, this is nothing new. This makes it important that data is stored in a manner that will pass penetration testing. Additionally, it is sensible to take precautions with the way that data is sent to the location of your teams.

Not only are financial firms vulnerable to ransomware, but also to critical infrastructure attacks should the Russian government decide to harm Western economies. For example, if Russia decides to launch a cyber-attack on telecoms in the West, like on Ukrtelecom in Ukraine, firms may be deprived of internet access. Similarly, hackers may target energy, or even extract a ransom by disrupting critical infrastructure, as happened in the Colonial Pipeline attack of May 2021, which was carried out by the Russian cybercrime ring DarkSide.

It is, however, difficult to estimate the scale of the problem. In Ukraine, where cyber-attacks seem to be ramping up, assessing how many cyber attacks are taking place in the government is almost impossible as the situation is evolving quickly and there are several areas that the authorities need to pay attention to at once. Furthermore, it is also difficult to assess damage being done by cyber attacks in the private sector (excluding utilities), particularly in smaller firms, because they are not obliged to report the attacks. There is also reputation at stake when an attack takes place, and it is difficult to know how many attacks go unreported because of this.

Now is the time for firms to evaluate their cyber security protocols and tighten them up if they are not sufficient for the current situation. If you are unsure or would like to discuss your situation further, please do reach out. I am here to help.